How to join?

Use the phone, Luke!

Piotr Stapp

• Unique name - just sing a song: "Don't Stapp me know" ;)
• SAFe System Principal Architect @ Demant Technology Center
• ex - Senior software/DevOps/Architect @mBank/@FinAi/@Allegro
• Own company (small consulting + workshops)
• M.Sc (distction) Oxford Brooks University in Web Tech
• M.Sc. Warsaw University of Technology in Computer Science

https://www.linkedin.com/in/piotrstapp/

Attention

All opinions are my own

and

do not necessarily reflect

the views of any companies.

Context

Agile -> Scrum -> SAFe

App? Seriosly?

Internal Developer Platform

Benefits:

• Platforms are designed to achieve scale and reduce time-to-value.
• They eliminate toil by offering DevEx and simplified operations.
• Key components include self-sufficiency tools, common task assistance, reusable building blocks, and early feedback on problems or security risks.

https://platformengineering.org

Basic

Pick your favorite cloud

Version control

CI/CD

Did you include?

Our contract

• In this presentation money are not important
• In real life they are

Resources

The incomplete list

Containers

• Azure Container Instances
• Azure Kubernetes Service (AKS)
• Azure Container Apps
• Azure Web App with containers or not
• Virtual machines + custom scripts (e.g. docker-compose up)
• Virtual machines + "cluster management"  (e.g. Rancher, Kubermatic, ... )

No containers

• Not today - sorry :)

Upfront + static costs

Containers

• Azure Container Instances
• Azure Kubernetes Service (AKS)
• Azure Container Apps
• Azure Web Apps with containers or not
• Virtual machines + custom scripts (e.g. docker-compose up)
• Virtual machines + "cluster management"  (e.g. Rancher, Kubermatic, ... )

Easy to scale up

Containers

• Azure Container Instances
• Azure Kubernetes Service (AKS) ***
• Azure Container Apps
• Azure Web Apps
• Virtual machines + custom scripts
• Virtual machines + "cluster management"

Easy to scale down

Containers

• Azure Container Instances
• Azure Kubernetes Service (AKS) ***
• Azure Container Apps
• Azure Web Apps
• Virtual machines + custom scripts
• Virtual machines + "cluster management" *** 

DevEx

Containers

• Azure Container Instances
• Azure Kubernetes Service (AKS) ***
• Azure Container Apps
• Azure Web Apps
• Virtual machines + custom scripts
• Virtual machines + "cluster management" *** 

Voting on hosting

Data

Small recap

• We build a platform - different systems may have different needs
• Still we need to give "something" with:
  • integrated networking
  • HAA
  • support
  • etc.

NoSQL

• Great, isn't it?
• New, isn't it?

SQL

• Solid, isn't it?
• Well known, isn't it?

Options

• Self-hosted "custom" one on VM's
• Azure Storage
• Cosmos DB
  • "Native"
  • Mongo
  • GraphQL
  • Postgres on Cosmos
  • ....
• SQL as a Service
  • MSSQL
  • Postgres
  • MySQL
  • MariaDB

Custom stuff on VM's

Before you decide, you should know

• why PaaS DB won't work for you
• how to manage this custom stuff

Azure Storage

• Very cheap
• Simple key-value or "file database"
• Limit for maximum number of operations
• Used by https://haveibeenpwned.com/

In other words, if I want 100GB of storage and I want to hit it 10 million times, it’ll cost me $8 a month.

Azure SQL for ...

• MSSQL, MySQL, MariaDB and Postgres
• Pricing:
• • DTU versus vCore (Pricing)
  • Single Server vs. Flexible vs. Hyperscale (Pricing) 
• Dynamic scaling? Yes, but ...

Cosmos DB

• "SQL", API for MongoDB, Gremlin, Cassandra, Table, ...
• Key-vaule, Column-Family, Documents, Graph
• Pricing:
  • Standard
  • Auto-scale
  • Serverless
• Dynamic scaling? Yes!!
• Postgres on board? Yes!!!

What about ...

• DB2🙈 (check: IBM DB2 Azure Virtual Machines DBMS)
• Oracle 🙉 (check: Oracle Database Service for Microsoft Azure)
• Redis🙊 (check: Azure Cache for Redis)
• ....

https://db-engines.com/en/ranking

Options

• Self-hosted "custom" one on VM's
• Azure Storage
• Cosmos DB
• SQL as a Service

Voting

Services

or queues?

Let's zoom it

ActiveMQ vs Service Bus

RabbitMQ vs AMPQ

• AMQP 1.0 (used by Service Bus) is a completely different protocol than AMQP 0-9-1 (used by RabbitMQ)
• Rabbit implements AMQP 1.0 via a plugin

Kafka vs Event Hub

To queue or not to queue?

Monitoring & logging

Let's zoom it

What about Azure?

And more

The (in)complete list

• Application Insights
• Azure Monitor ++
• Grafana / Azure Managed Grafana
• Prometheus / Azure Monitor Managed Service for Prometheus
• Self-hosted ELK
• ....

I want to use

User Data Storage
accounts and passwords

Old days

Receipe

• Take one technology that you <3
• Apply the first tutorial about user accounts
• Or copy some stuff from previous project

My case

• .NET Framework (a good one)
• Avoided problems:
  • Passwords with base64
  • SQL injection
• In PHP, NodeJS, Java, .... - situation is simmilar

Seriously!

source

Today

The incomplete list

• Dedicated tools for user management:
  • Active Directory
  • OpenLDAP
  • ...
• Ready to deploy and use:
  • Keycloak,
  • Identity Server 4
  • ...
• SaaS:
  • Auth0
  • Userbase
  • Azure B2C

Candidates

"Self-hosted"

• My own with NuGet / Maven / NPM / pip / ... support
• Active Directory / OpenLDAP / ...
• Keycloak / Identity Server 4 / ...

SaaS

• SaaS outside Azure: Auth0
• "SaaS" inside Azure:  Azure B2C
• Totally "unknow" SaaS: Userbase

SaaS Features

• Facebook / Twitter / Github / .... login
• MFA with application and SMS
• FIDO2
• Custom domain
• Custom CSS
• ....

Money

• https://auth0.com/pricing
• https://azure.microsoft.com/en-us/pricing/details/active-directory/external-identities/
• https://userbase.com/pricing/

"Have I Been Pwned"?

The end?

Our amazing IDP!

State

• We know how to store code
• We know how to host our app
• We know how to deploy it
• We know how to monitor it
• We know how to store data
• We know how to manage users
• We know ....

Are we ready to deploy?

Your deploy will be like dance.

Generating perfect image....

Help! Aider! Hilfe! Pomocy!